Short summary
Anyone on the same LAN (or internet if port 8090 is forwarded) can reach the YAMCS UI and API.
Motivation and user story
address: "0.0.0.0" — YAMCS HTTP server now binds all network interfaces. Anyone on the same LAN (or internet if port 8090 is forwarded) can reach the YAMCS UI and API. The
Copilot suggestion to use 127.0.0.1 was intentional hardening.
allowOrigin: "*" — Any webpage in any browser can make cross-origin requests to YAMCS API. allowCredentials: false limits damage (no auth cookies sent), but still exposes all
public YAMCS data to arbitrary sites.
Proposed implementation
Mitigations to consider:
- If YAMCS only runs on dev machines (never exposed to internet), 0.0.0.0 on a firewalled LAN is probably acceptable risk.
- If deployed as a ground station accessible remotely, add firewall rules to restrict port 8090 to trusted IPs.
- A proper Docker fix: use a reverse proxy (nginx) that binds 127.0.0.1:8090 on host and forwards to container — keeps 0.0.0.0 inside container but unexposed externally.
- Tighten allowOrigin to the actual hostname/IP used to access YAMCS instead of *.
Priority
None
Short summary
Anyone on the same LAN (or internet if port 8090 is forwarded) can reach the YAMCS UI and API.
Motivation and user story
address: "0.0.0.0" — YAMCS HTTP server now binds all network interfaces. Anyone on the same LAN (or internet if port 8090 is forwarded) can reach the YAMCS UI and API. The
Copilot suggestion to use 127.0.0.1 was intentional hardening.
allowOrigin: "*" — Any webpage in any browser can make cross-origin requests to YAMCS API. allowCredentials: false limits damage (no auth cookies sent), but still exposes all
public YAMCS data to arbitrary sites.
Proposed implementation
Mitigations to consider:
Priority
None